In this paper, we present a practical public key certificate structure that is combined with an authentication protocol for roaming across different wireless Internet service providers (ISPs). The design rationale is to enable the mutual authentication between the roaming mobile device (MD) and the visited network to be locally performed without invoking the MD's home ISP. The mutual authentication ensures that the visited network has authenticity as well as a mechanism for establishing the appropriate revenue stream for the roaming MD. The proposed scheme guarantees that the overhead associated with the authentication time is significantly reduced and that the impact of this overhead on the roaming MD is also minimized, although the nested depth of the network mobility is increased. In this paper, we use analytical comparisons to show that the proposed scheme creates less overhead than that of the previous approaches in terms of security and communication performance.